Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Patent
1997-11-20
2000-02-08
Beausoliel, Jr., Robert W.
380 25, G06F 1300, H04L 900
active
060237651
ABSTRACT:
Role-based access control (RBAC) is implemented on a multi-level secure (MLS) system by establishing a relationship between privileges within the RBAC system and pairs of levels and compartments within the MLS system. The advantages provided by RBAC, that is, reducing the overall number of connections that must be maintained, and, for example, greatly simplifying the process required in response to a change of job status of individuals within an organization, are then realized without loss of the security provided by MLS.
A trusted interface function is developed to ensure that the RBAC rules permitting individuals access to objects are followed rigorously, and provides a proper mapping of the roles to corresponding pairs of levels and compartments. No other modifications are necessary. Access requests from subjects are mapped by the interface function to pairs of levels and compartments, after which access is controlled entirely by the rules of the MLS system.
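The mapping described in the abstract can be sketched as follows. This is an added example, not code from the patent. The level names, roles, users, objects and function names are all hypothetical, and the read rule (a subject label must dominate the object label) is an assumed MLS policy, since the abstract does not state the MLS rules.

```python
from dataclasses import dataclass

# Constructed ordering of MLS levels (assumption; the abstract names none).
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2}

@dataclass(frozen=True)
class Label:
    level: str
    compartments: frozenset

    def dominates(self, other):
        """Assumed MLS dominance: level at least as high, compartments a superset."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.compartments >= other.compartments)

# RBAC side: each role's privileges expressed as (level, compartment) pairs.
# Hypothetical sample data.
ROLE_PAIRS = {
    "payroll_clerk": {("CONFIDENTIAL", "PAYROLL")},
    "hr_manager": {("SECRET", "PAYROLL"), ("SECRET", "PERSONNEL")},
}
USER_ROLES = {"alice": {"payroll_clerk"}, "bob": {"hr_manager"}}

# MLS side: objects carry labels only and know nothing about roles.
OBJECTS = {
    "salary_table": Label("CONFIDENTIAL", frozenset({"PAYROLL"})),
    "disciplinary_file": Label("SECRET", frozenset({"PERSONNEL"})),
}

def trusted_interface(user, role):
    """Map a role the user actually holds to MLS labels; nothing if not held."""
    if role not in USER_ROLES.get(user, set()):
        return []
    return [Label(lvl, frozenset({comp})) for lvl, comp in ROLE_PAIRS.get(role, ())]

def mls_read_allowed(subject_labels, obj):
    """The MLS decision: made from labels alone, never from role names."""
    return any(lbl.dominates(OBJECTS[obj]) for lbl in subject_labels)

def request_read(user, role, obj):
    """Full path: role is mapped by the interface, then MLS rules decide."""
    return mls_read_allowed(trusted_interface(user, role), obj)

if __name__ == "__main__":
    print(request_read("alice", "payroll_clerk", "salary_table"))     # role held
    print(request_read("alice", "hr_manager", "disciplinary_file"))   # role not held
```

A change of job status is a single edit to `USER_ROLES`; the object labels in `OBJECTS` stay untouched.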
REFERENCES:
patent: 5265221 (1993-11-01), Miller
patent: 5347578 (1994-09-01), Duxbury
patent: 5481700 (1996-01-01), Thurailingham
patent: 5535383 (1996-07-01), Gower
patent: 5577209 (1996-11-01), Boyle et al.
patent: 5680452 (1997-10-01), Shanton
patent: 5692124 (1997-11-01), Holden et al.
patent: 5717755 (1998-02-01), Shanton
patent: 5724426 (1998-03-01), Rosenow et al.
patent: 5828832 (1998-10-01), Holden et al.
patent: 5832228 (1998-11-01), Holden et al.
patent: 5836011 (1998-11-01), Hambrick et al.
patent: 5848232 (1998-12-01), Lermuzeaux et al.
patent: 5859966 (1999-01-01), Hayman et al.
patent: 5881225 (1999-03-01), Worth
patent: 5898781 (1999-04-01), Shanton
patent: 5911143 (1999-06-01), Deinhart et al.
Ferraiolo and Kuhn, "Role-Based Access Controls," Proc. 15th NIST-NSA Nat'l Computer Security Conference (1992).
Angeli P.C. Michael De
Beausoliel, Jr. Robert W.
Iqbal Nadeem
The United States of America as represented by the Secretary of